Major Australian Retailer Accused of Selling Infected Hard Drives

skegg writes "Dick Smith, a major Australian electronics retailer, is being accused of regularly selling used hard drives as new. Particularly disturbing is the claim that at least one drive contained malware-infested pirated movies, causing the unlucky buyer significant data loss. Apparently the Fair Trading Commissioner will be conducting an investigation."

Standard Practice

[acehole]

Seems standard practice with a lot of stores. Someone takes something back because they don't want or need it for whatever reason, the shop will just shrinkwrap it up again and the next buyer is none the wiser. I'm surprised that it hasn't happened sooner.

On another note, so how exactly can a video file (pirated movie or not) be 'malware infested'?

Re:Standard Practice

[hairyfeet]

Basically any file type that can have a link to a webpage embedded, I believe both .MPG and .WMV are capable of this and a player that will launch the link without asking which WMP 9 was the last WMP I believe that would launch a weblink without asking but I'm sure there were others. Basically how it works is like this: You try to play infected video, video launches default browser to embedded website and then if the browser is unpatched or has any known vulnerabilities you get hit with a driveby. I used to see this trick often here at the shop in the era of fastrack and Limewire, people would look for the latest blockbuster and not think about formatting and get screwed.

As for TFA? Frankly don't surprise me as I've seen the same thing from Best Buy in my area which just reshrinkwraps returned items and will just put them back on the shelf. Funny part is I found out when a local preacher went there and bought an external drive and when first plugged into Windows it asked if he wanted it to play the videos. Well the old guy thought it must be some "Welcome to your new drive" kind of thing and launched it only to be looking at a gangbang vid. Needless to say he freaked and brought it to me thinking his PC must have been hacked!

Frankly anything these big box retailers do anymore really doesn't surprise me which is why i tell folks to ask around and see if the people that have bought from them before were happy. I'm happy to point any potential customers towards previous customers if they want to ask, because i'm proud of my work, but I've seen some of these places...wow is all I got to say. Hell i know so many horror stories from some of these places it ain't even funny, parts ending up "missing" from the PC when they took it to get cleaned, a PC going in for an OS upgrade only to come out with a cheaper graphics card than what it went in with, and stolen RAM is practically SOP in some places. Finally just like in TFA I've seen parts so obviously used sold to customers as new, hell some they didn't even bother blowing dust out the fan or like with the preacher even emptying the drive first.

So I hope they get seriously busted for this and get hit with MASSIVE fines, otherwise they'll just consider it the cost of doing business and continue. I just couldn't do it myself, I take pride in the things I sell and build and try to get the customer the best deal I can. If something is used I tell them upfront and tell them the price difference and let them decide. Of course all drives going through my place are wiped first!

Re:Standard Practice

[mlts]

I don't know if they will get with fines (most of the time, playing the three monkey game will be enough to avoid civil/criminal charges.)

However, this is a lesson to everyone: After buying any new storage media, completely erase it first. This is something I try to keep the habit of doing, be it a USB flash drive, a SD card for my phone, external hard disks, or an internal HDD of a new PC.

The best utility, hands down, is HDDErase because it tells the drive controller to do the dirty work and erase everything, including the host protected area, sector relocation table, etc. I then follow it up by a DBAN, or at least a dd if=/dev/zero of=/dev/sdwhatever. If one can't do an ATA erase, then zeroing it out with a couple passes is the next best thing.

If only on Windows, encrypting the disk with BitLocker, then running the format command will help. The format command in Vista and newer checks to see if the previous data was a BitLocker volume, and if so, scrub away the remnants of the old volume keys. You can use TrueCrypt and create a dummy volume for the same result.

I erase data before using a drive for three reasons:

First, to exercise the drive and all accessible sectors, so the drive relocates marginal stuff immediately. In the old days, you could periodically low level format a HDD which would shrink the drive's capacity, but extend the life of the drive by cleaning out the relocation table and making it ready for handling new defects encountered. However, new drives don't have this, so the next best thing is to test all sectors before use.

Second, there have been cases of people facing criminal and civil charges for data on their storage media that wasn't theirs... it came with the device. Whether this is true or not can be debated, but it is best to not let it happen in the first place.

Third, there is always the chance of malware be installed somewhere along the supply chain. By completely zeroing it out from the MBR to the last sectors, this threat is mitigated for the most part.

This also shows another sad fact. There are a number of "computer repair" places that are pretty shady. I'm sure most readers of /. can likely do better than a lot of repair joints.

Nothing new

[StefanWiesendanger]

I once bought various "new" components from a shop here in Switzerland and after assembling my PC, I was surprised that it booted up with Windows without me installing anything yet... it even contained some PGP keys of the company how bought the disks before me and returned them (and yes, of course I got in contact with them and told them). Well, it had the nice effect for me that in the end I got all the components for free ;-)

Maybe not infected

[MichaelSmith]

I recall from the article that the disk was definitely second hand because it had a whole lot of movies on it (free!) but the guy who reported it to the media made a big song and dance about how the files "appeared corrupt" and "could have infected his system". None of which impresses me much. He could use a secure OS. Other retailers sell stuff which has been returned by customers. DSE should have formatted the disk, and they are at fault for that reason.

IIRC the reason he went to the media was that he is promoting an album or something and this was a golden opportunity to get his face and T shirt on TV.

Re:What?

[Gavin+Rogers]

Selling used stuff as new aside for a second

Umm. No.

The media blowup is being fuelled by "I bought a hard disk and it had hard core porn on it!" sensationalism but seem to be ignoring this deeper issue -
Dick Smith Electronics, Harvey Norman, JB-HiFi and the rest have been getting away with it for years but the fact is selling used goods (no matter how good a condition it's in) as new is illegal.

They can ask the same price for it if the return is in great condition but they can't just seal it back up and pop it back on the shelf next to the new unopened boxes.

DSE = Radio Shack

[ukoda]

For those who don't live in Australia or New Zealand DSE is like Radio Shack but has suffered a worse decline in to just another appliance store. Like Radio Shack DSE used to sell electronic components to the general public and like Radio Shack they have shifted focus to selling appliances. The biggest difference is that if you spend long enough looking it is still possible to find and purchase a resistor at Radio Shack, but at DSE you can't anymore. While the staff at DSE are nice enough people they are low paid drones who often would not think of issues such as formatting returned media. While there may be a company policy on the issue it is probably just one of dozens the staff are meant to follow but, as minimum wage workers, may forget or ignore.

Had this happen to me

[lucidlyTwisted]

Well, a friend. Their HDD had died and they asked me what to do. "Buy a new one" says I. Turns out they had no back-ups of pictures etc, so I offered to try a recovery (no promises and I warned them everything could be lost). Anyhoo, the recovery worked with the failed HDD working as a slave to the new one. I picks up loads of deleted pictures and felt rather chuffed with my little self.

"You seems to have made loads of friends on that Egypt trip." I say.
"Never been to Egypt." they reply.

It takes 5 seconds for me to twig that donkey-boy here had done the recovery on the wrong HDD and more stuff was still being found. School reports, banking spreadsheets, tonnes of stuff. Not really what one expects to find on a "new" HDD. Once I had the pictures recovered from the correct drive (and backed-up) my friend took the "new" HDD back to the shop for a bit of a word.

Selling hooky equipment to a police officer? Not one of the storekeeper's greatest ideas. And for the previous owner, there was enough information on there for someone to do them serious ill. Luckily for them, my friend made the storekeeper physically destroy the drive (and got a full refund).

There's no issue with selling 2nd hand kit, just advertise it as such and make sure it's properly wiped first.